I wanted to let you know that the really smart
programmers at Earthweb have begun posting my surveys to
the HTML Goodies site. You can only get the survey on the
home page and it only offers the survey to every fifth
person. Keep an eye out for it and if you're lucky enough
to get the survey, let us know your feelings. We'll post
five surveys over the next two months. Each will cover a
different aspect of Web page design. I'll be using the
results of the survey to put together my third book,
tentatively titled "Design Goodies".

Did you hear...

Melissa is back. The virus that brought Microsoft along
with a few other major corporations to their collective
emailed knees popped up again in the state of Washington,
shutting down Snohomish County government's e-mail system.
Keep those virus protection software packages up to date
and don't open any attachments. I've actually stopped
opening attachments altogether. I tell people to paste
the text into the email, or call me as they are sending
the file. Picky, yes, but I'm clean.

I bought my wife four packets of bath salts and gels for
Valentine's Day. Each is an aromatherapy packet that has
gels and a candle and a few other items including a face
spritzer (of all things). I bought it over the Internet
(obviously). Maybe some of you guys did the same. Oooops!
According to the "experts" (how do you get THIS job???)
giving a "romantic gift" bought on line is a no-no. I
guess it's akin to using a buy-one-meal-get-one-free
ticket on a first date. You just can't win, you know?

The Travel Industry Association of America reported last
week that travel sites on the Web were big business, until
it came time to buy. Sites that sell travel packages are
finding that the majority of would-be travelers use the
Web just to look and research. When it comes time to plop
down that big chunk of money for the trip though, they'd
rather talk to another human.

Now onto today's topic...

Maybe you might have heard that some of the Web's biggest
sites were hit by what are now being termed "cyber-
terrorists".

It's pretty scary stuff actually. Not too long ago, I
wrote a newsletter on hackers and crackers and how
brilliant they are in what they do. Still, the attacks
were fairly limited and were more embarrassing than
anything else. (You can see the effects of these attacks
at the site 2600.com). This form of hack or crack
(depending on how you define the term) was hard. You
needed to get into the system. The real higher-ups in the
brain field of cyberspace were the only ones who could do
it.

This latest attack, nicknamed "Smurfing," isn't as hard.
I had a real Web-wizard explain the process to me, and he
said it's something that, relatively, isn't very hard.

Without going into great detail, since that isn't what I
want to write about anyway, the attack is pulled through
what are known as "pings". The term comes from a tone used
by submarine pilots. You can do it yourself. The easiest
method is to attach to the Internet and open your DOS
window in W95/98. At the prompt, type "ping
www.something.com".

A "tone" is sent to the domain and the domain returns the
IP number. Once you do it, you'll see all the server's
relative information. The Smurf attack used very powerful
educational and business computers to fire millions of
pings per minute to sites like CNN and eTrade. Where the
real server hit occurs is that the ping back from the
server doesn't go anywhere. That's part of the attack. The
return ping has no destination. The attacked server
becomes so overwhelmed that it crashes, or simply stops
accepting requests, what is known as a "denial-of-service"
error.
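
An added example, not part of the original newsletter: a small detector that counts pings per destination per minute in a log and flags a flood like the one described above. The log format, the addresses and the threshold are assumptions made for the illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample records (not real traffic): "timestamp src dst icmp_type".
# Addresses come from the documentation ranges in RFC 5737.
def build_sample():
    lines = []
    # Normal: a handful of pings to the web server over a minute.
    for s in range(0, 60, 20):
        lines.append(f"2000-02-08T10:14:{s:02d} 192.0.2.7 203.0.113.5 echo-request")
    # Flood: 40 senders, 30 pings each, inside the next minute.
    for host in range(1, 41):
        for n in range(30):
            lines.append(
                f"2000-02-08T10:15:{n * 2:02d} 198.51.100.{host} 203.0.113.5 echo-request")
    # A different record type that the detector must ignore.
    lines.append("2000-02-08T10:15:30 192.0.2.7 203.0.113.9 echo-reply")
    return lines

def find_ping_floods(lines, per_minute_limit=1000):
    """Return alerts for destinations that get more pings in one minute than the limit."""
    counts = defaultdict(int)    # (minute, dst) -> ping count
    sources = defaultdict(set)   # (minute, dst) -> distinct senders
    for line in lines:
        parts = line.split()
        if len(parts) != 4 or parts[3] != "echo-request":
            continue             # skip malformed lines and non-ping records
        try:
            ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
        except ValueError:
            continue             # skip lines with an unreadable timestamp
        key = (ts.replace(second=0), parts[2])
        counts[key] += 1
        sources[key].add(parts[1])
    alerts = []
    for (minute, dst), n in sorted(counts.items()):
        if n > per_minute_limit:
            alerts.append({"minute": minute.strftime("%H:%M"), "dst": dst,
                           "pings": n, "senders": len(sources[(minute, dst)])})
    return alerts

if __name__ == "__main__":
    for alert in find_ping_floods(build_sample()):
        print(alert)
```

The sender count in each alert separates one noisy machine from many machines hitting the same server in the same minute.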

It's really a wicked attack because it happens so darn
fast and hits so hard. What's more, it didn't take
entering the machine. The attack came from outside of the
server.

It's so simple it's brilliant. It's so harmful it's scary.

My Web-wizard told me that this kind of attack was
forecast a long while back in a report to the U.S.
Congress. In that report, it is reported that this type of
attack actually had the power to bring down the Web. I
laughed at his statement and then he explained how hitting
certain hubs and areas can clog the entire system.

Gosh.

So, who would do this kind of thing? So many people have
said this is just a bunch of smart kids who were just
doing it for kicks to impress their other hacker friends.
Let's hope that's it. I actually wonder if this isn't the
work of what's being termed a "hacktivist".

"Hacktivist" is a term that denotes an activist who uses
hacking as a means of promoting a cause. Look at the sites
that were attacked. Each sold advertising or was involved
in eCommerce. I wonder if this isn't someone (or a group)
that wants to stop the Web from moving toward a total
marketplace.

It's a plausible theory, but I would think that there
would be demands being made if that was the case. I'm
still leaning towards the kids-having-fun theory...

So, what's an eCommerce site to do? Well, to begin with,
they need to beef up their security and have a "cyber-
watch" keeping an eye out for hackers. But the best laid
plans of mice and men often fail. So, what's next?

Buy insurance.

Since new business ventures open avenues for new types of
insurance, enter Fidelity & Deposit (F&D) in Baltimore.
F&D offers different types of insurance for the cyber-
business on the go. Here's a sampling...

1. Loss of Revenue.

If your site goes down, you lose money. From a simple
power outage to a cracker attack, if you go down, you're
covered.

2. Loss of Reputation

If your business is harmed, F&D will help pay for
Public Relations work to get you back in the commerce good
graces.

3. Stolen Secrets and Business Data

How much is your idea worth? Insure it for that amount.

4. Liability

Copyright infringement can cost you big. Be prepared.

Companies are insured anywhere from one to 250 million.
Premiums are heavy. Prices can start around 5 grand and
go up from there.

Other insurance companies have jumped on the bandwagon
and have started offering Web-business insurance. It's
nothing I can afford personally, but I can see a major
corporation needing it. I would think that two years ago,
people would have been much more tolerant of a computer
crashing. Today...not a chance. Your server is expected to
work.

I have to sell my stock for eight bucks a transaction.

>>>>>>>>>>>>>>>>>>>

That's that. Thank you again for taking the time to read
this newsletter. I appreciate it a great deal.

Joe Burns, Ph.D.

And Remember: Did you enjoy the Super Bowl? This year was
a switch. Bad commercials. Good game. Can you name the
U.S. state that has, per capita, produced the most
professional football players? Mississippi.
